This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/NCNcQSJc0TGzJY4u8AfMXCbg0RE.roa File: NCNcQSJc0TGzJY4u8AfMXCbg0RE.roa (raw, json) Hash identifier: olrbYNRVZ37d5DGlOqhZmdOWpkC0qMK5uUX2T/dHnwk= Subject key identifier: 34:23:5C:41:22:5C:D1:31:B3:25:8E:2E:F0:07:CC:5C:26:E0:D1:11 Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892 Certificate serial: 019B7F834CCEE6E922C5BD159CA46EA835C5 Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/NCNcQSJc0TGzJY4u8AfMXCbg0RE.roa Signing time: Fri 02 Jan 2026 16:21:09 +0000 ROA not before: Fri 02 Jan 2026 16:21:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35012 IP address blocks: 46.17.64.0/21 maxlen: 21 46.17.64.0/24 maxlen: 24 46.17.65.0/24 maxlen: 24 46.17.66.0/24 maxlen: 24 46.17.67.0/24 maxlen: 24 46.17.68.0/24 maxlen: 24 46.17.69.0/24 maxlen: 24 46.17.70.0/24 maxlen: 24 46.17.71.0/24 maxlen: 24 91.195.164.0/23 maxlen: 23 91.195.164.0/24 maxlen: 24 91.195.165.0/24 maxlen: 24 91.198.159.0/24 maxlen: 24 185.129.164.0/22 maxlen: 22 185.129.164.0/24 maxlen: 24 185.129.165.0/24 maxlen: 24 185.129.166.0/24 maxlen: 24 185.129.167.0/24 maxlen: 24 193.58.233.0/24 maxlen: 24 193.238.148.0/22 maxlen: 22 193.238.148.0/24 maxlen: 24 193.238.149.0/24 maxlen: 24 193.238.150.0/24 maxlen: 24 193.238.151.0/24 maxlen: 24 195.238.251.0/24 maxlen: 24 2a00:6000::/32 maxlen: 32 2a00:6000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.mft rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:4c:ce:e6:e9:22:c5:bd:15:9c:a4:6e:a8:35:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892 Validity Not Before: Jan 2 16:21:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=34235c41225cd131b3258e2ef007cc5c26e0d111 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:59:a7:e0:bc:d7:71:9a:33:e1:0a:29:09:51: 9c:20:eb:ac:e0:e3:a8:1d:5a:c2:ee:1d:17:71:c3: f6:14:5b:92:8d:da:bf:4e:ca:d9:26:1f:2a:95:cc: 06:60:48:24:77:f0:b2:d9:25:66:cc:13:52:7d:9e: b7:71:6d:33:ed:ba:2b:55:69:78:78:64:82:a2:45: 4f:09:98:20:c2:1b:95:a3:ec:be:0f:10:1d:06:ed: 23:ba:f8:89:85:12:0e:2f:db:2a:c6:bc:77:e4:0e: b6:51:82:2d:61:47:77:b0:fb:97:44:19:0c:b4:1b: 1f:71:79:9a:09:18:f2:24:e7:af:ec:60:d1:d2:0e: 09:21:26:59:b8:8b:55:a2:59:9c:cd:c3:6e:b6:47: 6b:1c:1b:80:1b:dc:fc:ab:24:fd:a4:52:57:df:03: 7a:4f:c0:31:52:20:c3:5e:1f:49:9f:7c:d4:ce:3f: f5:66:cf:8c:15:65:0a:c3:00:7f:4b:c8:58:4a:5e: 9f:96:47:61:04:4f:53:a9:dc:69:b2:fe:86:0e:89: c9:b1:a6:41:ef:f4:31:5b:b1:d1:82:de:45:66:db: 5c:46:33:a6:d6:3a:28:22:9e:69:f2:c7:ed:4e:ca: ae:0c:ae:ef:5e:b4:9a:e5:33:2e:88:24:1a:6f:7a: fb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:23:5C:41:22:5C:D1:31:B3:25:8E:2E:F0:07:CC:5C:26:E0:D1:11 X509v3 Authority Key Identifier: keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/NCNcQSJc0TGzJY4u8AfMXCbg0RE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.17.64.0/21 91.195.164.0/23 91.198.159.0/24 185.129.164.0/22 193.58.233.0/24 193.238.148.0/22 195.238.251.0/24 IPv6: 2a00:6000::/32 Signature Algorithm: sha256WithRSAEncryption 5b:21:fa:23:29:39:0b:d2:fa:d3:a1:e5:cf:ae:09:83:61:a6: 06:48:de:ab:9f:b3:3f:74:1b:5f:bb:70:d3:be:af:19:c8:18: 4e:e7:d6:24:53:95:c9:0a:4c:92:a9:95:4e:dd:82:80:d3:48: 1a:3f:10:8d:24:51:44:d9:a6:88:73:5c:ab:a4:e1:21:19:1f: 41:41:24:19:3a:82:a4:3c:3b:a9:91:d8:f9:0c:09:3a:2b:fc: 86:9e:c0:3a:b1:8c:2b:e6:91:4e:31:41:d3:58:4d:4d:84:16: d3:70:da:86:b8:3c:01:38:ba:8c:b7:16:ba:f5:d4:1c:c2:0f: 26:82:91:62:44:6a:3c:03:60:7c:e5:22:c3:64:aa:cd:40:82: 5f:1d:d0:4d:9a:d1:2d:80:db:68:be:55:c6:5d:7f:18:7a:cf: 31:07:3d:3c:b6:d2:61:8f:9e:97:37:45:29:11:60:7f:e7:d3: 14:f2:b7:c0:74:e6:57:a1:26:02:80:84:dc:65:25:df:0f:9b: f7:4c:83:b0:8d:4c:1c:df:6a:8a:e9:26:b3:cd:52:1e:26:38: ec:4c:e6:d7:85:50:9a:7d:95:c5:12:99:96:48:86:f8:cf:2e: e1:7a:b7:56:74:cc:fb:99:5c:cb:17:0d:82:dc:71:71:24:38: e9:f5:ea:10 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt/g0zO5ukixb0VnKRuqDXFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3 MWQ4OTIwHhcNMjYwMTAyMTYyMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNDIzNWM0MTIyNWNkMTMxYjMyNThlMmVmMDA3Y2M1YzI2ZTBkMTExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Vmn4LzXcZoz4QopCVGcIOus4OOo HVrC7h0XccP2FFuSjdq/TsrZJh8qlcwGYEgkd/Cy2SVmzBNSfZ63cW0z7borVWl4 eGSCokVPCZggwhuVo+y+DxAdBu0juviJhRIOL9sqxrx35A62UYItYUd3sPuXRBkM tBsfcXmaCRjyJOev7GDR0g4JISZZuItVolmczcNutkdrHBuAG9z8qyT9pFJX3wN6 T8AxUiDDXh9Jn3zUzj/1Zs+MFWUKwwB/S8hYSl6flkdhBE9Tqdxpsv6GDonJsaZB 7/QxW7HRgt5FZttcRjOm1jooIp5p8sftTsquDK7vXrSa5TMuiCQab3r7WQIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFDQjXEEiXNExsyWOLvAHzFwm4NERMB8GA1UdIwQY MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt MmVmNDQ3ZTFiMDhjLzEvTkNOY1FTSmMwVEd6Slk0dThBZk1YQ2JnMFJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLhFAAwQB W8OkAwQAW8afAwQCuYGkAwQAwTrpAwQCwe6UAwQAw+77MA0EAgACMAcDBQAqAGAA MA0GCSqGSIb3DQEBCwUAA4IBAQBbIfojKTkL0vrToeXPrgmDYaYGSN6rn7M/dBtf u3DTvq8ZyBhO59YkU5XJCkySqZVO3YKA00gaPxCNJFFE2aaIc1yrpOEhGR9BQSQZ OoKkPDupkdj5DAk6K/yGnsA6sYwr5pFOMUHTWE1NhBbTcNqGuDwBOLqMtxa69dQc wg8mgpFiRGo8A2B85SLDZKrNQIJfHdBNmtEtgNtovlXGXX8Yes8xBz08ttJhj56X N0UpEWB/59MU8rfAdOZXoSYCgITcZSXfD5v3TIOwjUwc32qK6SazzVIeJjjsTObX hVCafZXFEpmWSIb4zy7herdWdMz7mVzLFw2C3HFxJDjp9eoQ -----END CERTIFICATE-----Generated at Sun Jan 25 20:01:06 2026 by rpki-client